mart at degeneration.co.uk
Tue May 24 08:50:21 PDT 2005
Brad Fitzpatrick wrote:
> Here's Net::OpenID::Server ....
> It's really flexible. If you find a way it's not I'd be both shocked and
> happy to fix it.
> Somebody should write a cgi script that uses this now. :)
I was going to write today a simple single-user ID Server CGI script
using this which can just be dropped in and given a single username and
password it will authorize. The target audience for this is someone who
just wants to run his own ID server for himself alone on his
I have been halted by the quandry of how to handle the auth step. My
first thought was to keep it simple and use HTTP auth, but digest auth
in a CGI script isn't easy because of the need to retain the pending
nonces. In general, maintaining any kind of state across requests is a
royal pain in a CGI script.
Having the web server handle the auth step isn't easy because eventually
the Consumer's backend code will request the public key and won't be
able to "log in".
A CGI script using this, on reflection, also seems a little pointless.
It would be far better to solve this kind of problem in PHP, which far
more people are familiar with and able to run. Did Karl ever get PHP's
crypto libraries to play ball?
More information about the yadis